Yahoo Site Apparently Hacked, Exposing 400,000 Passwordshttp://www.businessinsider.com/yahoo-voices-hack-400000-passwords-2012-7/comments
en-usWed, 31 Dec 1969 19:00:00 -0500Tue, 03 Mar 2015 15:58:08 -0500Owen Thomashttp://www.businessinsider.com/c/5021182eeab8eaaf2400001eCindyTue, 07 Aug 2012 09:29:18 -0400http://www.businessinsider.com/c/5021182eeab8eaaf2400001e
My Gmail address was compromised thanks to Yahoo. I was registered with Associated Content before Yahoo took over. Here is what I posted about what has happened since Yahoo's negligence.
<a href="http://cindycrerar.hubpages.com/hub/Yahoo-Voices-Accounts-Hacked-and-My-Experience-since-This-Incident" target="_blank">http://cindycrerar.hubpages.com/hub/Yahoo-Voices-Accounts-Hacked-and-My-Experience-since-This-Incident</a>http://www.businessinsider.com/c/50002ee5ecad04fb77000023i am so smrtFri, 13 Jul 2012 10:21:25 -0400http://www.businessinsider.com/c/50002ee5ecad04fb77000023
That's why my password is pa55word
Shhh... Don't tell!http://www.businessinsider.com/c/4fff84f9ecad04074b000004A41202813@GMAIL.COMThu, 12 Jul 2012 22:16:25 -0400http://www.businessinsider.com/c/4fff84f9ecad04074b000004
---
@KCRob
The Text File I Saw, That Was Made Available For Download, By The Links Of PCW Articles Has No Hashes There.
400K+ Clear Text Entries In The Format ( Email:Password ).http://www.businessinsider.com/c/4fff5f45eab8ea8266000001KCRobThu, 12 Jul 2012 19:35:33 -0400http://www.businessinsider.com/c/4fff5f45eab8ea8266000001
OK - what was leaked? Clear text passwords and user names? I kind of doubt it. More likely it was a set of password hashes. A clear text list of usernames and passwords probably doesn't exist.
Secure hashes cannot be undone (converting an SHA1 back to clear text). What can be done is to create a list of hashes from a set of password strings (or the dictionary) and then compare passwords in the stolen list to the list you computed.
If you use a reasonably strong password, the chances of the hash being on a list of passwords and their hashes are remote. If you use "secret" then the hash is on the list. (secret = "5en6G6MezRroT3XKqkdPOmY/BfQ=").
Nevertheless, the password hash list should not have been accessible outside of the Yahoo system.http://www.businessinsider.com/c/4fff349f69bedde82a000001Ninth LifeThu, 12 Jul 2012 16:33:35 -0400http://www.businessinsider.com/c/4fff349f69bedde82a000001
The former FBI agent who could have prevented the 9/11 attacks, works for Yahoo as their head Security Expert. John Zent was Ali Muhamed's FBI handler in the early '90s. According to the book 'Triple Cross' Zent let him slip through his fingers. Ali Muhamed was one of the masterminds behind the 9/11 attack, among others. Zent was the first person to ever hear the words al Qaeda in relation to a terrorist organization.
Fellow FBI agents described Zent as 'hapless'. He actually vouched for Ali Muhamed when he was in police custody in Canada, getting him released. Were it not for John Zent's careless mistakes, Ali Muhamed would not have had the freedom to execute the Black Hawk down incident in Somalia or the U.S. Embassy bombings in Africa, or 9/11.
Bad decision's about security something that Yahoo's Zent is prone to however, as he also vouched for a triple murderer. The accused man just happened to be dating his daughter. Supposedly, he killed his parents and sister for insurance money, Zent's daughter continued dating him after the investigation started to focus on him. It's been speculated that Zent's daughter actually knew about the plot and was possibly in on it. Rather than distancing himself and his family from a murderer, Zent testified in court for the defendant. Special FBI Agent Zent was embroiled in this controversy with his daughter while he should have been focused on Ali Muhamed, and preventing 9/11. His daughter is now a highly paid lawyer in California now, despite her past known record of lying in court.
Way to pick them Yahoo! You got a real upstanding citizen working for you there. No wonder things are not that secure there, if the FBI version of Barney Fife is in charge. One time, when there was a network related security issue at the company, Zent threatened to call to the Sunnyvale Police on them if they didn't stop picking on Yahoo. True story!
2,752 people died in the September 11th attacks. Comparatively, a half-million seldom used passwords being breached doesn't seem like that big of a deal.http://www.businessinsider.com/c/4fff15b5ecad04ec7e000010Steve WThu, 12 Jul 2012 14:21:41 -0400http://www.businessinsider.com/c/4fff15b5ecad04ec7e000010
Anyone I have ever known that has Yahoo email account has had it hacked at some point. This company truly, truly blows now.http://www.businessinsider.com/c/4fff07ef69beddf336000010JoeWhatThu, 12 Jul 2012 13:22:55 -0400http://www.businessinsider.com/c/4fff07ef69beddf336000010
wow, my name was on the list, thanks for the heads up. changed my gmail password immediately.http://www.businessinsider.com/c/4ffeae18ecad04403b00001edisclosureThu, 12 Jul 2012 06:59:36 -0400http://www.businessinsider.com/c/4ffeae18ecad04403b00001e
We have just put up the searchable list at Dazzlepodhttp://www.businessinsider.com/c/4ffe81a669bedda27f000005PaulThu, 12 Jul 2012 03:49:58 -0400http://www.businessinsider.com/c/4ffe81a669bedda27f000005
Passwords stored in plain text = incompetence on a grand scale.